CreditCardCo Blog

Like it or not, al-Qassam Cyber Fighters have resurfaced, this time with renewed energy. Indeed, they’ve already hit one of the nation’s biggest banks and they’re promising much more. No reason to doubt it, especially considering they promised this past December that they would begin their attacks this spring. True to their word, they opted to hit one of the nation’s biggest banks as their first this time around.

Call it what you will, this group of cyber thieves are somehow managing to stay a step ahead of law enforcement. Now, this sudden re-emergence has once again got banks on high alert. Among its promised bank hits, a total of nine, Bank of America, CitiGroup, U.S. Bancorp and PNC Financial are scrambling yet again, barely recovered from the first round of denial of service attacks. Officials expressed concern that computer technology is evolving so quickly it is hard for security experts to keep up.

In some cases, the world is applying digital technologies faster than our ability to understand the security implications and mitigate potential risks,

James Clapper, the Director of National Intelligence, told the U.S. Senate Intelligence Committee during a global briefing earlier this week. Army General Keith Alexander, head of the U.S. military’s Cyber Command, agreed.

Already on Tuesday, one of the nation’s biggest financial entities was hit and that catchphrase we had become so familiar with – intermittent issues – reined supreme yet again. And, just like before, the attacks slow the websites down significantly by overloading the bank servers with thousands of requests being sent every second. This “clogs” that network so that legitimate bank customers can’t get through in order to handle their banking and financial needs. There are still no clues as to where the attacks are coming from.

A Look Back

al-Qassam said it would “relentlessly hit U.S. financial institutions” until a video that insulted a Muslim figure had been removed from the YouTube website. During the attacks, customer data was not compromised – and while it’s still early, it doesn’t appear to be any different this time around. That said, the data is still compromised and these attacks could serve as a diversion to carry out more worse attacks. The goal is to complicate efforts of account holders as well as banking officials. In December, the group suddenly announced it would halt the attacks because the video had been removed. What made this so interesting is no one knows who ultimately removed the video. There were those in the security field who believed a former banker who, in 2010, was convicted of bank fraud. He spent close to two years in prison and had already been released when the video was pulled.

For awhile, there were concerns that there were countless copies of the video that users had downloaded. The group promised in December that if it discovered more videos, it would begin the attacks again.

At one time, the group promised to continue its attacks for at least a year. In fact, there was talk that the attacks would begin with vengeance in the spring. Spring has arrived.

All of the major banks are on alert as they’ve been warned that these attacks could be prolonged and that they should be treated as a top security threat. Yesterday, users discovered firsthand that the fraudsters were back at it as they experienced slow downs or a complete inability to conduct their business.

Growing Threats

The timing couldn’t be worse. Intelligence officials said that the attacks, along with cyber espionage, has easily surpassed terrorism as the top threat facing the U.S. Meanwhile, all of the banks have begun warning customers and investors that the attacks have begun again and once again, there is no solution. And now, White House national security adviser Tom Donilon is citing the growing list of American companies who have voiced concerns about alleged Chinese cyber espionage. It too is serving as a particular worrisome issue as it’s described as a “growing challenge to economic relations between the United States and China.” Meanwhile, China said that it too was concerned and that it would be willing to meet with U.S. officials to discuss cyber security.

Sequestration

Not only that, but during one meeting with the Intelligence Committee, concerns were voiced of an alarming number of “U.S. intelligence capabilities” that are sure to be damaged, if not destroyed, unless Congress makes definitive moves to lessen the financial pressures we feel due to the budget cuts, better known as sequestration. Remember, there were concerns last week that thousands of FBI employees are facing furloughs. Now, we learn that at least five thousand intelligence contractors are at risk of being let go.

The China Consideration

At least one security company has blatantly accused China of being behind the attacks on American industries. China denies those accusations and insists that it is being targeted by the U.S. and that it’s concerned that our country is conducting “cyber spying”.

Wondering what this means for you and me and ever other consumer? There are many direct and indirect repercussions for our wallets. First, the annual economic loss along from these types of cyber attacks is estimated to be in the tens of billions of dollars. Then, of course, there are the frustrations and concerns about how the hackers continue to bypass bank security. No one can say for sure whether or not our money is safe, whether our credit card information is protected against these savvy crooks or even if our online banking efforts aren’t going to result in some kind of chain reaction. Remember, even our own security analysts say the problems are worsening. In fact, it’s believed both the intensity and the number of these attacks will “grow significantly throughout the year”. This, according to General Alexander, means the military is increasing its presence and is “beefing up our cyber warrior teams, adding troops from across the military along with civilians”.

Committee Hearings

There were several committee hearings yesterday. While these latest banking targets are worrisome enough, there’s also another problem. Another group of hackers have opted to target celebrities and politicians. Already, Vice President Biden’s identity has been stolen and personal information was published online. Now, the first lady has been targeted. Her information has also been published on a website. Our editors won’t be publishing the website for obvious security reasons. We have confirmed, however, the site indeed exists.

As a result of those attacks, the Pentagon announced it was in the process of creating thirteen teams that will be used to remedy these specific problems targeting political leaders and celebrities. For us every day folks, Army General Alexander said his focus was to create teams to defend the nation’s technology structures. There are worries about hackers gaining access to our military secrets as well. His group, Cyber Combat Mission, will also include a Cyber Protection group that will focus on the military while the other groups will focus on banks and consumers.

The thirteen groups being planned by the Pentagon are expected to be in place by 2015. Meanwhile, General Alexander hopes to have his teams up within a few months and in fact, already one team is make preparations now that will focus on private companies and in particular the American banking sector.